Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-6951-4
HistoryAug 21, 2024 - 4:57 p.m.

linux-bluefield vulnerabilities

2024-08-2116:57:32
Google
osv.dev
8
linux kernel
security update
arm64
m68k
uml
x86
accessibility
character device driver
clock framework
cpu frequency scaling
hardware crypto
firewire
gpu drivers
irq subsystem
kernel debugger
bluetooth
ipv4
ipv6
netfilter
alsa framework
cve-2024-xxxxx

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

  • ARM64 architecture;
  • M68K architecture;
  • User-Mode Linux (UML);
  • x86 architecture;
  • Accessibility subsystem;
  • Character device driver;
  • Clock framework and drivers;
  • CPU frequency scaling framework;
  • Hardware crypto device drivers;
  • Buffer Sharing and Synchronization framework;
  • FireWire subsystem;
  • GPU drivers;
  • HW tracing;
  • Macintosh device drivers;
  • Multiple devices driver;
  • Media drivers;
  • Network drivers;
  • Pin controllers subsystem;
  • S/390 drivers;
  • SCSI drivers;
  • SoundWire subsystem;
  • Greybus lights staging drivers;
  • TTY drivers;
  • Framebuffer layer;
  • Virtio drivers;
  • 9P distributed file system;
  • eCrypt file system;
  • EROFS file system;
  • Ext4 file system;
  • F2FS file system;
  • JFFS2 file system;
  • Network file system client;
  • NILFS2 file system;
  • SMB network file system;
  • Kernel debugger infrastructure;
  • IRQ subsystem;
  • Tracing infrastructure;
  • Dynamic debug library;
  • 9P file system network protocol;
  • Bluetooth subsystem;
  • Networking core;
  • IPv4 networking;
  • IPv6 networking;
  • Netfilter;
  • NET/ROM layer;
  • NFC subsystem;
  • NSH protocol;
  • Open vSwitch;
  • Phonet protocol;
  • TIPC protocol;
  • Unix domain sockets;
  • Wireless networking;
  • eXpress Data Path;
  • XFRM subsystem;
  • ALSA framework;
    (CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399,
    CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919,
    CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558,
    CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633,
    CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886,
    CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971,
    CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353,
    CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661,
    CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, CVE-2024-38381,
    CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017,
    CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612,
    CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567,
    CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019,
    CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882,
    CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940,
    CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582,
    CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954,
    CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902,
    CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941,
    CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270,
    CVE-2024-39292, CVE-2024-39471, CVE-2022-48674)

References

Related

osv 27
ubuntu 12
nessus 41
openvas 17
oraclelinux 4
debian 1
amazon 3
fedora 2
redhat 2
redos 1
photon 2
redhatcve 9
nvd 15
ubuntucve 11
cvelist 10
debiancve 13
cve 10
vulnrichment 12
cbl_mariner 7
osv
osv
linux-azure vulnerabilities
2024-08-14 17:25:05
linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-raspi, linux-xilinx-zynqmp vulnerabilities
2024-08-08 22:45:31
linux-azure-5.4 vulnerabilities
2024-08-19 15:54:38
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-08-08 00:00:00
Linux kernel (BlueField) vulnerabilities
2024-08-21 00:00:00
Linux kernel (Azure) vulnerabilities
2024-08-19 00:00:00
nessus
nessus
Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6951-3)
2024-08-19 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6951-1)
2024-08-08 00:00:00
Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6951-2)
2024-08-14 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6951-3)
2024-08-20 00:00:00
Ubuntu: Security Advisory (USN-6951-4)
2024-08-22 00:00:00
Ubuntu: Security Advisory (USN-6951-1)
2024-08-09 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2024-08-12 00:00:00
Unbreakable Enterprise kernel security update
2024-08-12 00:00:00
Unbreakable Enterprise kernel-container security update
2024-08-12 00:00:00
debian
debian
[SECURITY] [DSA 5703-1] linux security update
2024-06-02 17:04:56
amazon
amazon
Important: kernel
2024-08-01 03:01:00
Important: kernel
2024-06-19 19:15:00
Important: kernel
2024-07-31 22:26:00
fedora
fedora
[SECURITY] Fedora 40 Update: kernel-6.8.10-300.fc40
2024-05-22 01:28:10
[SECURITY] Fedora 39 Update: kernel-6.8.10-200.fc39
2024-05-22 01:22:53
redhat
redhat
(RHSA-2024:5522) Important: kpatch-patch-4_18_0-553 security update
2024-08-19 00:59:33
(RHSA-2024:5520) Important: kpatch-patch-4_18_0-477_43_1 security update
2024-08-19 00:59:30
redos
redos
ROS-20240905-04
2024-09-05 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0640
2024-06-26 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0769
2024-06-28 00:00:00
redhatcve
redhatcve
CVE-2022-48674
2024-05-03 18:54:34
CVE-2024-38607
2024-06-20 14:29:37
CVE-2024-39467
2024-06-25 20:52:21
nvd
nvd
CVE-2023-52585
2024-03-06 07:15:07
CVE-2024-38579
2024-06-19 14:15:17
CVE-2024-39471
2024-06-25 15:15:15
ubuntucve
ubuntucve
CVE-2024-37353
2024-06-21 00:00:00
CVE-2024-38567
2024-06-19 00:00:00
CVE-2024-38558
2024-06-19 00:00:00
cvelist
cvelist
CVE-2024-37353
2024-06-21 10:18:10
CVE-2024-38582 nilfs2: fix potential hang in nilfs_detach_log_writer()
2024-06-19 13:37:39
CVE-2024-38612 ipv6: sr: fix invalid unregister error path
2024-06-19 13:56:13
debiancve
debiancve
CVE-2024-38587
2024-06-19 14:15:18
CVE-2024-38567
2024-06-19 14:15:16
CVE-2024-38582
2024-06-19 14:15:18
cve
cve
CVE-2024-38612
2024-06-19 14:15:21
CVE-2024-38589
2024-06-19 14:15:19
CVE-2024-39488
2024-07-10 08:15:11
vulnrichment
vulnrichment
CVE-2024-38558 net: openvswitch: fix overwriting ct original tuple for ICMPv6
2024-06-19 13:35:28
CVE-2024-39467 f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode()
2024-06-25 14:25:05
CVE-2024-38560 scsi: bfa: Ensure the copied buf is NUL terminated
2024-06-19 13:35:29
cbl_mariner
cbl_mariner
CVE-2024-39493 affecting package kernel for versions less than 5.15.162.2-1
2024-08-05 03:22:58
CVE-2024-39292 affecting package kernel for versions less than 5.15.162.2-1
2024-08-05 03:22:58
CVE-2024-39475 affecting package kernel for versions less than 5.15.162.2-1
2024-08-05 03:22:58

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON
Related for OSV:USN-6951-4
osv27ubuntu12nessus41openvas17oraclelinux4debian1amazon3fedora2redhat2redos1photon2redhatcve9nvd15ubuntucve11cvelist10debiancve13cve10vulnrichment12cbl_mariner7